exploit the possibilities
Showing 1 - 14 of 14 RSS Feed

CVE-2019-9500

Status Candidate

Overview

The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brcmf_wowl_nd_results function. This vulnerability can be exploited with compromised chipsets to compromise the host, or when used in combination with CVE-2019-9503, can be used remotely. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.

Related Files

Red Hat Security Advisory 2019-4168-01
Posted Dec 10, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4168-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, kernel
systems | linux, redhat
advisories | CVE-2019-9500
MD5 | 376ded621b89e5ac3a374fd61c9ec8b1
Red Hat Security Advisory 2019-4171-01
Posted Dec 10, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4171-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, kernel
systems | linux, redhat
advisories | CVE-2019-9500
MD5 | 37c23e4c50eda89425f47b99d7f73071
Red Hat Security Advisory 2019-3217-01
Posted Oct 29, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-3217-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include buffer overflow, denial of service, null pointer, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-10902, CVE-2018-20856, CVE-2019-11810, CVE-2019-9500, CVE-2019-9506
MD5 | 4f8fa3c1a7c224ba455015f723255f36
Red Hat Security Advisory 2019-2945-01
Posted Oct 1, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2945-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security fix: If the Wake-up on Wireless LAN functionality is configured in the brcmfmac driver, which only works with Broadcom FullMAC chipsets, a malicious event frame can be constructed to trigger a heap buffer overflow in the brcmf_wowl_nd_results() function. This vulnerability can be exploited by compromised chipsets to compromise the host, or when used in combination with another brcmfmac driver flaw, can be used remotely. This can result in a remote denial of service. Due to the nature of the flaw, a remote privilege escalation cannot be fully ruled out. Issues addressed include buffer overflow and denial of service vulnerabilities.

tags | advisory, remote, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-9500
MD5 | a87b3a5a1e36d60f2f04b5816c45a291
Red Hat Security Advisory 2019-2741-01
Posted Sep 11, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2741-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, bypass, denial of service, heap overflow, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-11487, CVE-2019-3846, CVE-2019-3887, CVE-2019-9500, CVE-2019-9503
MD5 | 9489ce13236817a5be2175c9cae721fd
Red Hat Security Advisory 2019-2703-01
Posted Sep 10, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2703-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, bypass, denial of service, heap overflow, and use-after-free vulnerabilities.

tags | advisory, denial of service, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2018-19824, CVE-2019-11487, CVE-2019-12817, CVE-2019-3846, CVE-2019-3887, CVE-2019-9500, CVE-2019-9503
MD5 | df8aebdd79fb95d86af73d0ad346daa7
Red Hat Security Advisory 2019-2600-01
Posted Sep 3, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2600-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, kernel
systems | linux, redhat
advisories | CVE-2019-1125, CVE-2019-9500
MD5 | 3d07240914815e2d5c01fb25c1d429c3
Red Hat Security Advisory 2019-2609-01
Posted Sep 3, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2609-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, kernel
systems | linux, redhat
advisories | CVE-2019-1125, CVE-2019-9500
MD5 | 1cc605fbcb01058812c65af759304ec7
Debian Security Advisory 4465-1
Posted Jun 19, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4465-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2019-10126, CVE-2019-11477, CVE-2019-11478, CVE-2019-11479, CVE-2019-11486, CVE-2019-11599, CVE-2019-11815, CVE-2019-11833, CVE-2019-11884, CVE-2019-3846, CVE-2019-5489, CVE-2019-9500, CVE-2019-9503
MD5 | a2e7d7ad8cd5265b8a90186bcd82ff4d
Ubuntu Security Notice USN-3981-2
Posted May 15, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3981-2 - USN-3981-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS and for the Linux Azure kernel for Ubuntu 14.04 LTS.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2018-16884, CVE-2019-11091, CVE-2019-3874, CVE-2019-3882, CVE-2019-9500, CVE-2019-9503
MD5 | e3d575c2a8e4c8f53addab94c8ad02a8
Ubuntu Security Notice USN-3980-2
Posted May 15, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3980-2 - USN-3980-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.10 for Ubuntu 18.04 LTS.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2018-16884, CVE-2019-11091, CVE-2019-3874, CVE-2019-3882, CVE-2019-3887, CVE-2019-9500, CVE-2019-9503
MD5 | 7cfee810146fd450b6342d5119f6ae1d
Ubuntu Security Notice USN-3981-1
Posted May 15, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3981-1 - Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2018-16884, CVE-2019-11091, CVE-2019-3874, CVE-2019-3882, CVE-2019-9500, CVE-2019-9503
MD5 | f0906bb7f0f2086fbb32ea4d9c6cfb12
Ubuntu Security Notice USN-3980-1
Posted May 15, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3980-1 - Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2018-16884, CVE-2019-11091, CVE-2019-3874, CVE-2019-3882, CVE-2019-3887, CVE-2019-9500, CVE-2019-9503
MD5 | 272b24f140a71c5e49da0eb1880e5f5d
Ubuntu Security Notice USN-3979-1
Posted May 15, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3979-1 - Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091, CVE-2019-11683, CVE-2019-1999, CVE-2019-3874, CVE-2019-3882, CVE-2019-3887, CVE-2019-9500, CVE-2019-9503
MD5 | 2863e76273d8cfeb59a307022e977a20
Page 1 of 1
Back1Next

File Archive:

December 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    22 Files
  • 2
    Dec 2nd
    0 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close